LDAP Authentication for Moin (Active Directory)

Posted on Fri 28 August 2009 in Things I Use (IT)

- Reference
http://moinmo.in/HelpOnAuthentication

- Outline
1. How it works:
• The user enters a username and password on the login page and clicks the login button.
• On login, ldap_login.LDAPAuth checks username/password against LDAP.
  ◦ If username/password is ok for LDAP, it creates or updates a user profile with values from LDAP (name, alias, email) and creates a user object in the MoinMoin process, then it hands over to the next authenticator...
  ◦ If username/password is not ok for LDAP, it vetoes and aborts the login (no other authenticators checked).
• If the login was successful, moin establishes a session for that user.
2. Configuration:
You need to install the python-ldap module (and everything it depends on, see its documentation).
You need an LDAP or AD server.
See wiki/config/more_samples/ldap_wikiconfig_snippet in your moin dist archive for a snippet you can use in your wiki config.

- Step by Step
1. Install the python-ldap module:
$ sudo apt-get install python-ldap
2. Check the AD parameters:

3. Fill in the parameters, following the sample in wiki/config/more_samples/ldap_wikiconfig_snippet:
        server_uri="ldap://localhost",
        bind_dn="binduser@example.org",  # (AD)
        bind_pw="",
        base_dn = "ou=SOMEUNIT,dc=example,dc=org",  # base DN we use for searching
        scope=2, # scope of the search we do (2 == ldap.SCOPE_SUBTREE)
        referrals=0, # LDAP REFERRALS (0 needed for AD)
        search_filter="(sAMAccountName=%(username)s)", # (AD)
4. Put this block inside the configuration class,
i.e. in class LocalConfig(DefaultConfig) or class Config(DefaultConfig).
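
An added example, not taken from the original post or from MoinMoin: a small Python check for the step 3 parameters before they go into the config class, plus how the search_filter template expands with the typed username when the value is escaped per RFC 4515. The function names are hypothetical, and start_tls is assumed to be the TLS option name in your Moin version's snippet.

```python
from urllib.parse import urlparse

# RFC 4515: characters that must be escaped inside a filter value.
_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\x00": r"\00"}


def expand_filter(search_filter, username):
    """Substitute the typed username into the filter template, escaped."""
    escaped = "".join(_ESCAPES.get(ch, ch) for ch in username)
    return search_filter % {"username": escaped}


def check_settings(cfg):
    """Return a list of findings for a dict of LDAPAuth keyword arguments."""
    findings = []
    scheme = urlparse(cfg.get("server_uri", "")).scheme
    if scheme not in ("ldap", "ldaps"):
        findings.append("server_uri: scheme must be ldap:// or ldaps://")
    elif scheme == "ldap" and not cfg.get("start_tls"):
        findings.append("server_uri: ldap:// without start_tls is not encrypted")
    if not cfg.get("bind_pw"):
        findings.append("bind_pw: empty, set the bind account's password")
    if cfg.get("referrals") != 0:
        findings.append("referrals: must be 0 for AD")
    if cfg.get("scope") not in (0, 1, 2):
        findings.append("scope: must be 0 (base), 1 (onelevel) or 2 (subtree)")
    if "%(username)s" not in cfg.get("search_filter", ""):
        findings.append("search_filter: must contain %(username)s")
    return findings


# The values from step 3 as shown on this page (placeholders, not a real site).
PAGE_SETTINGS = dict(
    server_uri="ldap://localhost",
    bind_dn="binduser@example.org",
    bind_pw="",
    base_dn="ou=SOMEUNIT,dc=example,dc=org",
    scope=2,
    referrals=0,
    search_filter="(sAMAccountName=%(username)s)",
)

if __name__ == "__main__":
    for finding in check_settings(PAGE_SETTINGS):
        print("WARN", finding)
    print(expand_filter(PAGE_SETTINGS["search_filter"], "smith (ops)*"))
```

Run against the placeholder values above, it reports the unencrypted ldap:// URI and the empty bind_pw; both should be resolved before the block goes into the config class.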